The community marketing site for the Mozilla Foundation's open-source browser Firefox has been hacked, just months after a similar breach occurred.
SpreadFirefox, the official site for promoting the browser, is currently shut down, with a message on the page directing visitors to Getfirefox.com, where they can download the latest version of Firefox.
"We currently plan to make SpreadFirefox available again around October 15th," the message on the site reads. "Keep checking in because it might be up before expected."
The site's administration team added that updates on what is happening can be found on MozillaZine.org.
This second incident follows an attack in July that exploited an unpatched security vulnerability on the organization's site. In that incident, Mozilla warned users that their personal data might have been compromised.
The foundation has not yet issued a similar caution but has noted that the vulnerability exploited is in the TWiki software, which was installed on the server but not actually used by the public site.
While attacks on Web sites have now become commonplace, there is still some surprise in the industry that it is open-source darling SpreadFirefox that was targeted.
"It seems bizarre because it seems like they'd be heroes to the underground," said Graham Cluley, senior technology consultant at security firm Sophos. "But it might just be someone showing off and being childish, demonstrating that they can be big and clever."
Another motivation might be to demonstrate the weakness of Mozilla's security, he added. "It could be a way to show that no one is safe," added Cluley.
As Mozilla works to patch the vulnerabilities and relaunch the SpreadFirefox site, it is likely that the foundation will come under more scrutiny over security issues.
Earlier this year, Mozilla issued several security updates for Firefox, including two in May that were rated as "extremely critical."
The SpreadFirefox incident might be an indication that Mozilla needs to focus on security in several areas, Cluley said. "If they want Firefox to keep growing in adoption, they'll have to show that they're as serious about security as a multinational corporation," he noted.